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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

Listing of Claims; 

1 . (Currently Amended) A method of controlling security of data in a 
storage system having a local disk system and a remote disk system that are coupled to at least 
one host computer, the method comprising: 

in the local disk system coupled to a first host compute r, the local disk system 
having first and second volumes of storage, the first and second volumes associated with first 
and second encryption keys, respectively : 

when a write of data is to be made to the first volume of the local disk 
system, retrieving a pr e viously stor e d the first encryption key; 

encrypting the data using the first key , the encrypting being performed by 

the local disk system; 

transferring the encrypted data to the remote disk system via a first 
communication link; then 

in the remote disk system: 

determining whether the data is to be stored in an encrypted form, the 
determining being performed by the remote disk system; 

determining an address for storage of the data in the remote disk system; 

if the data is to be stored in a decrypted form, decrypting and writing the 
data in the remote disk system; 

if the data is to be stored in an encrypted form, writing the data in the 
remote disk system without decrypting the data; and 

notifying the local disk system via the first communication link that the 
step of writing the data is complete, 
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wherein the local disk system is coupled to the first host computer via a second 
communication link to allow the first host computer to access data stored in the local disk 
system, the first and second communication links being different^ 

wherein the remote disk system includes third and fourth volumes corresponding 
to the first and second volumes, respectively . 

2. (Currently Amended) A method of controlling security of data in a 
storage system having a local disk system and a remote disk system that are coupled to at least 
one host computer, the method comprising: 

in the local disk system coupled to a first host computer: 

when a write of data is to be made to the local disk system, a previously 

stored encryption key; 

encrypting the data using the key, the encrypting being performed by the 

local disk system: 

transferring the encrypted data to the remote disk system via a first 

conmiunication link: then 

in the remote disk system: 

determining whether the data is to be stored in an encrypted form, the 

determining being performed by the remote disk system: 

determining an address for storage of the data in the remote disk system: 

if the data is to be stored in a decrypted form, decrypting and writing the 

data in the remote disk system: 

if the data is to be stored in an encrypted form, writing the data in the 

remote disk system without decrypting the data: and 

notifying the local disk system via the first communication link that the 

step of writing the data is complete, 

wherein the local disk system is coupled to the first host computer via a second 
conmiunication link to allow the first host computer to access data stored in the local disk 
system, the first and second commimication links being different. 
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wherein the method further comprises A m e thod as in claim 1 further comprising: 
maintaining an encryption control table on the local disk system, the encryption control table 
including a list of encryption keys for selected volumes of the local and the remote disk system, 

wherein the data transfer between the local disk system and the remote disk 
system occurs via a communication link that couples the local disk system to the remote disk 
system, so that the local disk system may send the data to the remote disk system without direct 
involvement from the host computer, 

wherein the list of encryption keys includes the first and second keys, the first key 
being assigned to a first set of volumes in the local disk system, and the second key being 
assigned to a second set of volumes in the local disk system, each of the first and second set of 
volumes including one or more volumes, 

wherein the retrieving step includes accessing the encryption control table to 
obtain an appropriate encryption key, where the data are encrypted using the first key if the data 
to be transferred to the remote disk system are associated with the first set of volumes and 
encrypted using the second key if the data to be transferred to the remote disk system are 
associated with the second set of volumes, 

wherein the remote disk system is coupled to a second host computer. 

3. (Original) A method as in claim 2 wherein the list of encryption keys 
further includes information relating to the use and non-use of encryption on the local disk 
system. 

4. (Original) A method as in claim 2 wherein the list of encryption keys 
further includes information relating to the use and non-use of encryption on the remote disk 
system. 

5. (Original) A method as in claim 3 wherein the encryption key is 
applicable to less than all of the storage on the local disk system. 
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6. (Original) A method as in claim 4 wherein the encryption key is 
applicable to less than all of the storage on the remote disk system. 

7. (Original) A method as in claim 3 wherein the encryption key is 
applicable to at least one disk on the local disk system. 

8. (Original) A method as in claim 7 wherein the encryption key is 
applicable to at least one disk on the remote disk system. 

9. (Previously Presented) A method for changing an encryption key while 
operating a storage system having a local disk system and a remote disk system comprising: 

storing an encryption key in a memory in the local disk system; 

transmitting the encryption key to the remote disk system and storing it in a 
memory there via a first communication link coupling the local and remote disk systems; 

in the local disk system, determining a boundary for use of the encryption key by 
the local disk system; 

in the remote disk system, receiving the boundary fi-om the local disk system by 
the remote disk system; 

in both the local and the remote disk systems, determining a relationship of 
present operations to the boundary by each of the local and remote disk systems; 

in both the local and the remote disk systems, waiting for the boundary and then 
changing the encryption key for data stored thereafter by each of the local and remote disk 
systems, 

wherein the local disk system is coupled to a first host computer via a second 
communication link that is different than the first communication link. 

10. (Original) A method as in claim 9 wherein operations before the boundary 
are performed using a first encryption key and operations after the boundary are performed using 
a second encryption key. 
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1 1 . (Original) A method as in claim 9 wherein the boundary is defined by 
counting input/output operations and using the count to define the boundary. 

12. (Currently Amended) A m e thod for changing an encr>T>tion k e y whil e 
op e rating a storag e syst e m having a local disk syst e m and a r e mot e disk syst e m, th e method 
comprising: 

storing on encryption k e y in a m e mory in th e local disk system; 

transmitting via a first communication linlc th e e ncryption key to th e remot e disk 
syst e m and storing th e encryption k e y in a m e mory of th e remot e disk system; 

issuing split r e quest fi-om th e local disk syst e m to th e remot e disk syst e m to allow 
th e m to op e rat e ind e p e nd e ntly, the split requ es t b e ing g e n e rated by th e local disk system or th e 
r e mot e disk syst e m; 

using a n e w encryption k e y by th e local disk syst e m to b e gin storing data in th e 
local disk syst e m aft e r issuing th e split r e quest; 

using a new encryption k e y to b e gin storing data in th e remot e disk system aft e r 
r e c e iving th e split r e qu e st; and 

r e synchronizing th e local disk syst e m and th e remot e disk s ystem, 

wh e rein th e local disk system is coupl e d to a host comput e r via a second 
communication linlc that is differ e nt than th e first conmiunication linlc to allow th e host comput e r 
to acc e ss data stored in th e local disk system, th e first and second communication linlcs b e ing 
differ e nt. 

13. (Previously Presented) A method of controlling encryption in a storage 
system having a local disk system and a remote disk system comprising: 

maintaining a control table in each of the local disk system and the remote disk 

system; 

determining a boundary in the local disk system where encryption is to be 
switched to an opposite state, the determining performed by the local disk system; 
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in the remote disk system, receiving a corresponding boundary from the remote 

disk system; 

in both the local and the remote disk system, determining a relationship of present 
operations to the boundary; 

in both the local and the remote disk system waiting for the boundary, and then 
changing the encryption to the opposite state, 

wherein the local disk system is coupled to a first host computer via a first 
communication link, and the remote disk system is coupled to a second host computer via a 
second communication link, the local disk system and the remote disk system being coupled to 
each other via a third communication link, the third conmiunication link being different than the 
first or second communication link. 

14. (Original) A method as in claim 13 wherein operations before the 
boundary are either encrypted or not encrypted, and operations performed after the boundary are 
either not encrypted or encrypted oppositely to those operations performed before the boundary. 

15. (Original) A method as in claim 14 wherein the boundary is defined by 
counting input/output operations and using the count to define the boundary. 

16. (Currently Amended) A method of controlling encryption in a storage 
system having a local disk system and a remote disk system comprising: 

storing an- first and second encryption keys in a memory in the local disk system 
that is coupled to a host computer via a first communication lin k, the first and second encryption 
keys assigned to first and second volumes of the local disk system, respectively : 

transmitting via a second communication link the first and second encryption key 
to the remote disk system and storing it in a memory there , the remote disk system including 
third and fourth volumes corresponding to the first and second volume, respectively : 
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splitting the local disk system from the remote disk system to allow them to 
operate independently, wherein the splitting is performed according to a first command issued by 
the local or remote disk system; 

switching encryption to an opposite state from a previous state after splitting the 
local disk system and remote disk system; and 

re-synchronizing the local disk system and the remote disk system, wherein the 
re-synchronizing is performed according to a second command issued by the local or remote disk 
systemt, the first and second communication links being different. 

17. (Currently Amended) A storage system comprising: 
a local disk system including a plurality of volumes of media for storing data, said 
local disk system being coupled to a host computer via a first communication link to enable the 
host computer to access said volumes , the plurality of volumes in the local disk system including 
first and second volumes that are associated with first and second encryption keys, respectively ; 

a remote disk system including a plurality of volumes of media for storing data; 

and 

a second communications link coupling the local disk system to the remote disk 

system, 

wherein the local disk system determines whether encryption is to be employed in 
the data associated with the first volume in en the local disk system, and if so, the local disk 
system encrypts the data to be transferred to the remote disk system using the first key , and 

wherein the remote disk system determines whether to store the data in either 
encrypted form or unencrypted form and stores the data in that form in the remote disk system, 
and notifies the local disk system that the data has been stored via the second communication 
link, 

wherein the first and second communication links are different. 
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18. (Original) A system as in claim 17 further comprising an encryption 
control table stored on the local disk system, the encryption control table including a list of 
encryption keys for selected volumes of the local system and the remote system. 

19. (Original) A system as in claim 18 wherein the list of encryption keys 
further includes information relating to the use and non-use of encryption on the local system. 

20. (Original) A system as in claim 19 wherein the list of encryption keys 
further includes information relating to the use and non-use of encryption on the remote system. 

21 . (Original) A system as in claim 20 wherein the encryption key is 
applicable to less than all of the storage on the local system, 

22. (Original) A system as in claim 21 wherein the encryption key is 
applicable to less than all of the storage on the remote system. 

23. (Canceled). 

24. (Canceled). 

25. (Canceled). 

26. (Currently Amended) A system for controlling encryption in a storage 
system having a local disk system and a remote disk system comprising: 

a local memory in the local disk system for storing an first encryption key 
assigned to a first volume in the local disk system and a second encryption key assigned to a 
second volume in the local disk system ; 

a first communications link for transmitting th e first and second encryption keys 
to the remote disk system and storing the first and second encryption keys in a remote memory 
of the remote disk system; 

a first computer program for splitting the local disk system fi"om the remote disk 
system to allow them to operate independently; 
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a switch for changing encryption to an opposite state from a previous state after 
splitting in the local disk system and remote disk system; and 

a second computer program for re-synchronizing the local disk system and the 
remote disk system, 

wherein the local disk system is coupled to a host computer via a second 
communication link that is different than the first communication link, 

wherein the local disk system is configured to execute the first computer program 
or the second computer program, or both, 

wherein the local disk system is configured to encrypt data to be transferred to the 
remote disk system using the encryption key that is stored in the local memory of the local disk 
system. 

27. (Currently Amended) A method of controlling security of data in a 
storage system having a local disk system and a remote disk system comprising: 

in the local disk system , the local disk system including first and second volumes 
that are assigned first and second encryption keys, respectively : 

receiving a data update request from a host computer connected to the 
local disk system wherein said data update request includes a location of athe first volume 
storag e ar e a of the local disk system, the host computer being connected to the local disk via a 
first communication link; 

assigning a k e y to th e first storag e area of th e local disk syst e m; 

encrypting the data associated with the first storag e ar e a volume of the 
local disk system using the first key b y the local disk system; 

transferring the encrypted data to the remote disk system via a second 
communication link by the local disk system; then 
in the remote disk system: 

decrypting the data using the assign e d first key by the remote disk system; 

and 
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writing the decrypted data into a second storag e ar e a third volume of the 
remote disk system by the remote disk system, 

wherein the first and second communication Unks are different. 

28. (Canceled) A m e thod as in claim 27 wher e in the first s torag e ar e a 
compris e s at l e ast a volum e of th e local disk syst e m and th e second storag e ar e a compris e s at 
l e ast a volum e of th e r e mot e disk syst e m. 

29. (Canceled) A method as in claim 28 wh e r e in th e first portion comprises 
a group of volumes of th e local disk system, and th e s e cond portion comprises a group of 
volumes of th e r e mot e disk syst e m. 

30. (Currently Amended) A storage system comprising: 

a local disk system including a plurality of first and second storage volumes for 
storing data, the first and second volumes being assigned with first and second encryption keys, 
respectively, wherein the local disk system is connected to a host computer via a first 
communication link; 

a remote disk system including a plurality of third and fourth storage volumes^ 
respectively, for storing data; 

a second communications link coupling the local disk system to the remote disk 
system, the first and second communication links being different, 

wherein the local disk system retrieves selected data fi-om on e of th e volumes the 
first volume in the local disk system, encrypts the selected data using ^the first encryption key, 
and transmits the encrypted data to the remote disk system, and 

wherein the remote disk system decrypts the encrypted data received fi:*om the 
local disk system via the second commxmications link and stores the data in unencrypted form in 
on e of th e the third volume volumes in the remote disk system. 

3 1 . (Currently Amended) A system as in claim 30 further comprising an 
encryption control table stored on the local disk system, the encryption control table including 
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the firs t, second and third and second keys that ar e assign e d to first, second and third storage 
areas of th e local disk system, respectiv e ly . 

32. (Currently Amended) A method of controlling security of data in a disk 
system coupled to a host computer and a remote storage system, the method comprising: 

at the disk system, receiving data to be stored fi'om the host computer via a first 
communication link, so that the data can be stored in a given area in the disk system , the disk 
system including first and second volume that are assigned first and second encryption keys, 
respectively, ; 

encrypting the data received fi-om the host computer using the first or second key 
according to a given k e y maintained by th e disk system the location of the given area, wherein 
the first key is used if the given area in the first volume and the second key is used if the given 
area is in the second volume , the encrypting performed by the disk system; and 

transferring the encrypted data to the remote storage system via a second 
communication link by the disk system, so that the remote storage system can store the data 
therein. 

33. (Canceled) Th e method of claim 32, wh e rein th e disk syst e m maintains 
first and second k e ys that ar e assign e d to fir s t and second storag e areas, respectiv e ly, th e first and 
s e cond storag e ar e as b e ing storag e ar e as in th e disk syst e m. 

34. (Canceled) Th e method of claim 33, wh e r e in th e data rec e ived from th e 
host comput e r ar e e ncrypted using th e first k e y if th e data r e ceived ar e to b e stor e d in th e first 
storag e area and e ncrypt e d using th e second k e y if th e data r e ceiv e d ar e to b e stor e d in th e 
second storag e ar e a. 
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